I want to know which grants at the very least are required to select/insert/update/delete from a table.
Say I have a table t
in schema s
in database d
and a role r
.
I start with granting the required permissions mentioned above:
grant select, insert, update, delete on table s.t to r;
What else do I need? Are USAGE
on schema s
and CONNECT
on the database absolutely required, but also enough?
grant connect on database d to r;
grant usage on schema s to r;
Best Answer
There is no simple list of necessary and sufficient grants, because there are multiple paths that can be used. CONNECT on the database and USAGE on a schema are often done through "PUBLIC" rather than to individual roles, for example.
Newly created databases will have CONNECT privilege for PUBLIC by default, so unless you have gone out of your way to remove it no explicit grant is needed in that case. When you create a database, it comes with a schema named "public" which also has USAGE granted to PUBLIC, but schemas you create manually do not come with that privilege.